Jump to content

PHP Search Form - Help


blepblep

Recommended Posts

Hi, I was wondering could anyone help me here please, I'm pretty stuck and not sure what's wrong.

 

I have also posted this topic on Daniweb if that is OK as I'm kind of stuck for time on this (If I'm not allowed post on multiple forums this can be deleted). I have a database that contains files and I want to be able to search those files by putting in a ID number into a textbox on my homepage of a website I'm working on. In my databse my doc_id is the primary key, and I want the user to be able to enter a document ID and have all the information returned to them.

 

Can anyone help me here as I don't understand why it isn't working? Here is the code as it is at the moment -

 

<?php
include 'connect_db.php';
include 'newheader.php';

function sanitize_data($data)
    {
        $data = array_map('trim',$data);
        $data = array_map('strip_tags',$data);
        $data = array_map('htmlspecialchars',$data);
        $data = array_map('mysql_real_escape_string',$data);
        return $data;
    }
    $post = sanitize_data($_POST);

if (isset($_POST['searchID']))
{
$find = $_POST['find'];

$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);

$field = $_POST['field'];

$data = mysql_query("SELECT * FROM tc_tool.forms WHERE upper(".$field.") LIKE'%$find%'") or die(mysql_error());

while ($result = mysql_fetch_array( $data ))
{
	echo $result['doc_number'];
	echo " ";
	echo $result['doc_title'];
	echo " ";
	echo "<br>";
	echo "<br>";
}
?>

 

The error returned to me is this -

 

Incorrect parameter count in the call to native function 'upper'

 

Here is the code to my button too if it is any use -

 

<body onLoad = "documentNumber.focus()">

			<input type= "text" id= "documentNumber" name= "searchbyequipmenttype" class= "eSearchFormInput"/>
			<input type= "submit" name= "searchID" value="Search By Doc ID" /><br />

 

And I have no idea why it is, can anyone help if possible? I have tried it a few ways so if needed I'll post the other ways I've tried it. Thanks if anyone can help :)

 

Link to comment
Share on other sites

  • Replies 52
  • Created
  • Last Reply

changing this:

$data = mysql_query("SELECT * FROM tc_tool.forms WHERE upper(".$field.") LIKE'%$find%'") or die(mysql_error());

to this:

$sql = <<<SQL
SELECT *
FROM tc_tool.forms
WHERE
(
UPPER('$field') LIKE '%$find%'
)
SQL;
$result = mysql_query($sql) or die(mysql_error())."<br>----------------<br>$sql");

will help you diagnose the problem with the query.

 

It's looking like $field is empty.  Also, this code doesn't look like what your description said you wanted your search to perform.

 

As for not being allowed to post on other forums....we're here to help, having that rule would be somewhat counter productive.  It's all about getting the solution to a problem, whether it be here or anywhere else.

Link to comment
Share on other sites

Thanks for the reply Muddy. Alright that's cool about the multiple posting, some forums don't like it as far as I no.

 

I've changed it to this now -

 

<?php

include 'connect_db.php';
include 'newheader.php';

function sanitize_data($data)
    {
        $data = array_map('trim',$data);
        $data = array_map('strip_tags',$data);
        $data = array_map('htmlspecialchars',$data);
        $data = array_map('mysql_real_escape_string',$data);
        return $data;
    }
    $post = sanitize_data($_POST);

if (isset($_POST['searchID']))
{
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);

$field = $_POST['field'];

$sql = <<<SQL
SELECT *
FROM tc_tool.forms
WHERE
(
UPPER('$field') LIKE '%$find%'
)
SQL;
$result = mysql_query($sql) or die(mysql_error())."<br>----------------<br>$sql";

while ($result = mysql_fetch_array( $data ))
{
	echo $result['doc_id'];
	echo " ";
	echo $result['doc_title'];
	echo " ";
	echo "<br>";
	echo "<br>";
}

?>

<?php include "footer.php" ?>

 

And this is my error I get -

 

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /opt/htdocs/webpages/TC_Tool/Tool/searchByDocID.php on line 38

 

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /opt/htdocs/webpages/TC_Tool/Tool/searchByDocID.php on line 48

 

I have also tried it with changing

while ($result = mysql_fetch_array( $data ))

to this

while ($result = mysql_fetch_array( $sql ))

but I still the get the first error shown above..

 

 

Sorry if I didnt explain what I am looking for properly. What I am trying to do is on my front page, I have a text box (Which the code for is in my first post). I want to be able to enter in an id such as 300 for example, and then click search, that search should then return the form that is associated with the id - 300 - I understand how to do the displaying part of the form correctly but I cannot get it to search the database for it, my query is probably wrong but I don't no how to fix it.

Link to comment
Share on other sites

I can't edit my above post but is this any more helpful to what is going wrong?

 

Sorry Muddy I should have said, but where I have $field = $_POST['field'], should 'field' be related to a row in the database? If it should be, I don't have any row called field. But I do have doc_id, and I changed it to this -

 

$doc_id = $_POST['doc_id'];

$data = mysql_query("SELECT * FROM tc_tool.forms WHERE upper(".$doc_id.") LIKE'%$find%'") or die (mysql_error());

 

And when I run it I get this error -

 

Incorrect parameter count in the call to native function 'upper'

 

Any idea's?

Link to comment
Share on other sites

I get this..

 

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /opt/htdocs/webpages/TC_Tool/Tool/searchByDocID.php on line 39

 

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /opt/htdocs/webpages/TC_Tool/Tool/searchByDocID.php on line 49

Sorry, but we can not find an entry to match your query

 

Would it have anything got to do with my button, as in is it taking in what's typed? Or any idea if it has to do with this -

 

I have also tried it with changing

Code: [select]

while ($result = mysql_fetch_array( $data ))

to this

Code: [select]

while ($result = mysql_fetch_array( $sql ))

but I still the get the first error shown above..

Link to comment
Share on other sites

you need to address the form element by it's name in the $_POST array - so try this as a test:

$id = $_POST['searchbyequipmenttype'];
$sql = <<<SQL
SELECT *
FROM tc_tool.forms
WHERE
(
doc_id =$id
)
SQL;
$result = mysql_query($sql) or die(mysql_error()."<br>-----------<br>$sql);
$row = mysql_fetch_assoc($result);
var_dump($row);

Link to comment
Share on other sites

Ok I done this -

if (isset($_POST['searchID']))
{
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);

$doc_id = $_POST['doc_id'];

$id = $_POST['searchbyequipmenttype'];
$sql = <<<SQL
SELECT *
FROM tc_tool.forms
WHERE
(
doc_id =$id
)
SQL;
$result = mysql_query($sql) or die(mysql_error()."<br>-----------<br>$sql");
$row = mysql_fetch_assoc($result);
var_dump($row);

 

This is the output -

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 6

-----------

SELECT * FROM tc_tool.forms WHERE ( doc_id = )

 

Muddy, would I be getting an error because doc_id isn't a form element? It's just used in the database, nowhere else. The only fields that I am using are these below -

 

                       doc_title, 
			doc_number, 
			doc_type,
			revision, 
			cdm_link,
			main_req_id,
			mars_link, 
			checklist_link, 
			link_internal_1_3, 
			impacted_products,
			scope, 
			impacted_products_2,
			review_class, 
			full_or_simplified, 
			earliest_date, 
			latest_date, 
			previous_tc_reviews,
			proj_name, 
			author_name, 
			req_list, 
			optional_list,
			information_only,
			chairperson,
			reviewers_required,
			review_duration, 
			document_abstract

 

I don't no why this isn't working, it's really annoying but probably something stupid that I'm missing.

 

 

Link to comment
Share on other sites

problem is getting the information from the form to the script.  Your form element name that we want to look at is "searchbyequipmenttype" so we use the line $id = $_POST['searchbyequipmenttype']; to get it from the POST array, only problem is, it's not got anything in it. So we need to now look at the form. where is your form? on the same page or on a different one and do you have any other code that the form uses that you didn't post??

Link to comment
Share on other sites

Ok, well I have this form, which is the search bar one -

 

<?php

include 'connect_db.php';
include 'newheader.php';

function sanitize_data($data)
    {
        $data = array_map('trim',$data);
        $data = array_map('strip_tags',$data);
        $data = array_map('htmlspecialchars',$data);
        $data = array_map('mysql_real_escape_string',$data);
        return $data;
    }
    $post = sanitize_data($_POST);

if (isset($_POST['searchID']))
{
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);

$field = $_POST['field'];

$id = $_POST['searchbyequipmenttype'];
$sql = <<<SQL
SELECT *
FROM tc_tool.forms
WHERE
(
doc_id =$id
)
SQL;
$result = mysql_query($sql) or die(mysql_error()."<br>-----------<br>$sql");
$row = mysql_fetch_assoc($result);
var_dump($row);

while ($result = mysql_fetch_array( $data ))
{
	echo $result['doc_id'];
	echo " ";
	echo $result['doc_title'];
	echo " ";
	echo "<br>";
	echo "<br>";
}
}
?>

 

Then once searchID which is the name of the button is pressed, it goes to this -

 

<?php

include "newheader.php";
include "connect_db.php";
include "lib/toolfunctions.php";

?>

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <meta http-equiv="Content-Language" content="en" />
</head>

<body>
		<p>
		<form action = "searchByDocID.php" method = "post">
		<!-- body onLoad focuses textbox on load
			-- Only works in Chrome at the moment -->
			<body onLoad = "documentNumber.focus()">

			<input type= "text" id= "documentNumber" name= "searchbyequipmenttype"/>
			<input type= "submit" name= "searchID" value="Search By Doc ID" /><br />

			<font size = '2'>EG: 123</font>
		</p>
	</form>		

<div id="toolFooterWrapper">
	<div id="toolFooter">

		TC Tool<br/>Version 1.00

	</div>
</div>
</body>
</html>

 

They are the only two forms that are being used at the moment. So once the user types a number into the search bar, I want it to go to the searchByDocID.php file, and in the searchByDocID.php file I have the query that should return the file.

 

So everything I have in the above is how it runs at the moment, and when I run it I get this error -

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 6

-----------

SELECT * FROM tc_tool.forms WHERE ( doc_id = )

 

Could you possibly explain this to me please -

 name= "searchbyequipmenttype"

Is that relevant or can I delete it? I'm getting confused myself from looking at it all day!!

Link to comment
Share on other sites

ok, assuming this to be your searchByDocID.php :

<?php

include 'connect_db.php';
include 'newheader.php';

function sanitize_data($data)
    {
        $data = array_map('trim',$data);
        $data = array_map('strip_tags',$data);
        $data = array_map('htmlspecialchars',$data);
        $data = array_map('mysql_real_escape_string',$data);
        return $data;
    }
    $post = sanitize_data($_POST);

if (isset($_POST['searchID']))
//...

 

if it is I would like you to add a line at the top of the page:

<?php
die(print_r($_POST));

 

Let me know what you get on the page from that.

Link to comment
Share on other sites

Yep thats searchByDocID.php. I done that and got this when it ran -

 

Array ( [searchbyequipmenttype] => [searchID] => Search By Doc ID ) 1

 

What is it doing with searchbyequipmenttype there?!

 

Thanks for all the help so far by the way.

Link to comment
Share on other sites

Yeah I am :D I have only one entry in the DB which is number 340, and when I type 340 in and click search I get this -

 

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /opt/htdocs/webpages/TC_Tool/Tool/searchByDocID.php on line 36

 

Sorry, I only realised when I leave the search box empty I get this -

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 6

-----------

SELECT * FROM tc_tool.forms WHERE ( doc_id = )

 

AND, when I leave in 

var_dump($row);

and enter 340 into the search bar, I get this result -

 

array(27) { ["doc_id"]=> string(3) "340" ["doc_title"]=> string(11) "david flynn" ["doc_number"]=> string(4) "0012" ["doc_type"]=> string(2) "IS" ["revision"]=> string(14) "www.google.com" ["cdm_link"]=> string(4) "blab" ["main_req_id"]=> string(0) "" ["mars_link"]=> string(0) "" ["checklist_link"]=> string(0) "" ["link_internal_1_3"]=> string(0) "" ["impacted_products"]=> string(0) "" ["scope"]=> string(0) "" ["impacted_products_2"]=> string(0) "" ["review_class"]=> string(0) "" ["full_or_simplified"]=> string(0) "" ["earliest_date"]=> string(0) "" ["latest_date"]=> string(0) "" ["previous_tc_reviews"]=> string(0) "" ["proj_name"]=> string(13) "OSS-RC Energi" ["author_name"]=> string(0) "" ["chairperson"]=> string(0) "" ["req_list"]=> string(0) "" ["optional_list"]=> string(0) "" ["information_only"]=> string(0) "" ["reviewers_required"]=> string(0) "" ["review_duration"]=> string(0) "" ["document_abstract"]=> string(0) "" }

 

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /opt/htdocs/webpages/TC_Tool/Tool/searchByDocID.php on line 37

 

Would that have something got to do with this taking in $data when I don't have anything else named $data?

 

while ($result = mysql_fetch_array( $data ))

 

Link to comment
Share on other sites

Done that there and this is the result -

 

Array ( [searchbyequipmenttype] => 340 [searchID] => Search By Doc ID ) 1

 

 

I don't no why but I have a feeling it has something to do with my button code -

 

<form action = "searchByDocID.php" method = "post">
<!-- body onLoad focuses textbox on load
    -- Only works in Chrome at the moment -->
<body onLoad = "documentNumber.focus()">
<input type= "text" id= "documentNumber" name= "searchbyequipmenttype"/>
<input type= "submit" name= "searchID" value="Search By Doc ID" /><br />

 

 

Which goes to this (searchByDocID.php) -

 

 

if (isset($_POST['searchID']))
{
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);

$field = $_POST['field'];

$id = $_POST['searchID'];
$sql = <<<SQL
SELECT *
FROM tc_tool.forms
WHERE
(
doc_id =$id
)
SQL;

$data = mysql_query($sql) or die(mysql_error())."<br>-----------<br>$sql";

while ($result = mysql_fetch_array( $data ))
        {
         .........
         }

 

Link to comment
Share on other sites

Done that and get this -

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'By Doc ID )' at line 5

 

When I change

 

<input type= "submit" name= "searchID" value="Search By Doc ID" /><br />

 

to

 

<input type= "submit" name= "searchID" value="SearchByDocID" /><br />

 

I get this though -

 

Unknown column 'SearchByDocID' in 'where clause'

 

I don't understand why I'm getting that though?!

Link to comment
Share on other sites

Ok, thanks for all the help so far too.

 

Here is my index page -

 

<?php

//----------------
// Include files 
// - Connect to DB
//----------------

include "newheader.php";
include "connect_db.php";
include "lib/toolfunctions.php";

?>

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <meta http-equiv="Content-Language" content="en" />
</head>

<body>
		<p>
		<form action = "searchByDocID.php" method = "post">
		<!-- body onLoad focuses textbox on load
			-- Only works in Chrome at the moment -->
			<body onLoad = "documentNumber.focus()">

			<input type= "text" id= "documentNumber" name= "searchbyequipmenttype"/>
			<input type= "submit" name= "searchID" value="Search By Doc ID" /><br />

			<font size = '2'>EG: 123</font>
		</p>
	</form>		

<div id="toolFooterWrapper">
	<div id="toolFooter">

		TC Tool<br/>Version 1.00

	</div>
</div>
</body>
</html>

 

Here is searchByDocID.php -

 

<?php

include 'connect_db.php';
include 'newheader.php';

function sanitize_data($data)
    {
        $data = array_map('trim',$data);
        $data = array_map('strip_tags',$data);
        $data = array_map('htmlspecialchars',$data);
        $data = array_map('mysql_real_escape_string',$data);
        return $data;
    }
    $post = sanitize_data($_POST);

if (isset($_POST['searchID']))
{
$find = strtoupper($find);
$find = strip_tags($find);
$find = trim ($find);

$field = $_POST['field'];

$id = $_POST['searchID'];
$sql = <<<SQL
SELECT *
FROM tc_tool.forms
WHERE
(
doc_id =$id
)
SQL;

$data = mysql_query($sql) or die(mysql_error())."<br>-----------<br>$sql";

while ($result = mysql_fetch_array( $data ))
{
	echo $row  ['doc_id'] . 			" <br /> " 
		. $row ['doc_title'] . 			" <br /> "
		. $row ['doc_number'] .			" <br /> "
		. $row ['doc_type'] . 			" <br /> " 
		. $row ['revision'] . 			" <br /> " 
		. $row ['cdm_link'] . 			" <br /> "
		. $row ['mars_link'] .			" <br /> "
		. $row ['checklist_link'] .		" <br /> "
		. $row ['link_internal_1_3']. 	" <br /> "
		. $row ['impacted_products'].	" <br /> "
		. $row ['scope'].				" <br /> "
		. $row ['impacted_products_2'] ." <br /> "
		. $row ['review_class'].		" <br /> "
		. $row ['full_simplified'] .	" <br /> "
		. $row ['pref_earliest'] . 		" <br /> "
		. $row ['pref_latest'] . 		" <br /> "
		. $row ['prev_reviews'] . 		" <br /> "
		. $row ['proj_name'] .			" <br /> "
		. $row ['auth_name'] . 			" <br /> "
		. $row ['req_list'] .			" <br /> "
		. $row ['optional_list'] .		" <br /> "
		. $row ['information_only'] . 	" <br /> "
		. $row ['chairperson'] .		" <br /> "
		. $row ['req_reviewers'] .		" <br /> "
		. $row ['review_duration'] .	" <br /> "
		. $row ['document_abstract'] . 	" <br /> "; 
}
}
?>
<?php include "footer.php" ?>

 

That's the two of them..

 

Link to comment
Share on other sites

Alright I done that, and get a blank page. No errors though or anything so I'm wondering is it my query?

 

Is it right in passing in $data to the $result as seen here?

 

$id = $_POST['searchbyequipmenttype'];
$sql = <<<SQL
SELECT *
FROM tc_tool.forms
WHERE
(
doc_id =$id
)
SQL;

$data = mysql_query($sql) or die(mysql_error())."<br>-----------<br>$sql";

while ($result = mysql_fetch_array( $data ))

 

Because when I pass in $sql to where $data is so it looks like this -

 

$data = mysql_query($sql) or die(mysql_error())."<br>-----------<br>$sql";

while ($result = mysql_fetch_array( $sql ))

 

I get this -

 

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /opt/htdocs/webpages/TC_Tool/Tool/searchByDocID.php on line 36

Link to comment
Share on other sites

ok, replace your searchByDocID.php code (all of it) with this:

<?php

include 'connect_db.php';
include 'newheader.php';

function sanitize_data($data)
    {
        $data = array_map('trim',$data);
        $data = array_map('strip_tags',$data);
        $data = array_map('htmlspecialchars',$data);
        $data = array_map('mysql_real_escape_string',$data);
        return $data;
    }
    $post = sanitize_data($_POST);

if (isset($post['searchID']) && $post['searchbyequipmenttype' != '')
{
$id = $post['searchbyequipmenttype'];
$sql = <<<SQL
SELECT *
FROM tc_tool.forms
WHERE
(
doc_id =$id
)
SQL;

$data = mysql_query($sql) or die(mysql_error()."<br>-----------<br>$sql");

while ($result = mysql_fetch_array( $data ))
{
	echo $row  ['doc_id'] . 			" <br /> " 
		. $row ['doc_title'] . 			" <br /> "
		. $row ['doc_number'] .			" <br /> "
		. $row ['doc_type'] . 			" <br /> " 
		. $row ['revision'] . 			" <br /> " 
		. $row ['cdm_link'] . 			" <br /> "
		. $row ['mars_link'] .			" <br /> "
		. $row ['checklist_link'] .		" <br /> "
		. $row ['link_internal_1_3']. 	" <br /> "
		. $row ['impacted_products'].	" <br /> "
		. $row ['scope'].				" <br /> "
		. $row ['impacted_products_2'] ." <br /> "
		. $row ['review_class'].		" <br /> "
		. $row ['full_simplified'] .	" <br /> "
		. $row ['pref_earliest'] . 		" <br /> "
		. $row ['pref_latest'] . 		" <br /> "
		. $row ['prev_reviews'] . 		" <br /> "
		. $row ['proj_name'] .			" <br /> "
		. $row ['auth_name'] . 			" <br /> "
		. $row ['req_list'] .			" <br /> "
		. $row ['optional_list'] .		" <br /> "
		. $row ['information_only'] . 	" <br /> "
		. $row ['chairperson'] .		" <br /> "
		. $row ['req_reviewers'] .		" <br /> "
		. $row ['review_duration'] .	" <br /> "
		. $row ['document_abstract'] . 	" <br /> "; 
}
}
else{
  echo "there was a problem with the form, please try again and make sure you have filled in a document number";
  }
include "footer.php" ?>

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.